Report - upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer

Report Overview

Visited public
2024-10-11 18:46:30
Tags
URL
upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
Finishing URL
www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
IP / ASN
57.129.39.102
#16276 OVH SAS
Title
UPLOAD.EE - HDRezkaSimplePlayer_1.8.zip - Download

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
status.rapidssl.com	6946	2002-04-05	2018-06-15 22:49:00	2024-10-10 18:40:07	331 B	735 B	192.229.221.95
ukankingwithea.com	unknown	2024-01-01	2024-09-07 02:18:13	2024-10-11 12:15:27	846 B	122 kB	172.67.192.190
undefined	142677	unknown	2020-01-28 20:52:40	2023-07-23 07:59:56	920 B	0 B	0.0.0.0
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-10-11 05:00:58	871 B	181 kB	142.250.74.168
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-10 18:12:11	981 B	2.7 kB	23.33.119.57
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-10 18:12:14	1.3 kB	3.6 kB	23.36.76.226
upload.ee	450367	2010-07-04	2015-01-15 12:52:19	2024-10-10 17:02:52	530 B	591 B	57.129.39.102
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-10 18:12:58	1.6 kB	3.5 kB	142.250.74.131
osadooffinegold.com	unknown	unknown	No data	No data	1.9 kB	3.7 kB	54.240.174.75
mileesidesukbein.com	unknown	unknown	No data	No data	2.2 kB	2.5 kB	172.67.159.114
www.upload.ee	981196	2010-07-04	2012-05-24 10:39:37	2024-10-10 13:53:07	4.6 kB	26 kB	57.129.39.102
du0pud0sdlmzf.cloudfront.net	unknown	2008-04-25	2023-08-24 12:49:59	2024-10-11 12:20:27	1.8 kB	120 kB	143.204.42.159
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-10-10 19:11:17	3.7 kB	13 kB	64.233.162.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-11	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	du0pud0sdlmzf.cloudfront.net/?dupud=997369	ScriptElement	362 kB	2024-10-12	2024-10-12
Pretty URL du0pud0sdlmzf.cloudfront.net/?dupud=997369 IP 143.204.42.159 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:54 Last Seen2024-10-12 13:54 Times Seen8 Hash d95ca3b28ff212a95ec821ae70964080 3024c5bae1e94095ce2d6b5afb088ff6e353a161 ecfd4330540758f053e4cc37407c98542a1d8966ea26d4ff02f9e602797645ba Loading...

	www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c	ScriptElement	300 kB	2024-10-12	2024-10-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:54 Last Seen2024-10-12 13:54 Times Seen1 Hash 33f17786fe1adc6587a1c21f7f929c09 2e6fce29823201c65e1cef4e1e8d3b514a44818a 25f2c46e06f28c78bf494ffab25c4625f1c2146473fce8c921c95a3147bbc08d Loading...

	www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html	ScriptElement	14 B	2023-03-09	2025-05-02
Pretty URL www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-05-02 10:16 Times Seen3307 Hash 48e07e6b9e60fc36f21db6b71bf0b4b1 fb4085cc0058779b28e5c366a2b92cf242399c2f 3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-03
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-03 05:00 Times Seen339368 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.upload.ee/files/14894859/sandbox%20eval%20code		147 B	2023-04-11	2025-05-03
Pretty URL www.upload.ee/files/14894859/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-03 05:00 Times Seen340154 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html	ScriptElement	57 B	2023-03-09	2025-05-02
Pretty URL www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-05-02 10:16 Times Seen3305 Hash 63fa78e3d4ae4b7fc4cf5126264cb75e 65657518c61173b8205d4fb68aabfae6ae7270a0 a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a Loading...

	www.upload.ee/files/14894859/sandbox%20eval%20code		128 B	2023-05-06	2025-05-03
Pretty URL www.upload.ee/files/14894859/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-03 05:28 Times Seen24200 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.upload.ee/js/js__file_upload.js	ScriptElement	26 kB	2023-10-24	2025-05-02
Pretty URL www.upload.ee/js/js__file_upload.js IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 16:45 Last Seen2025-05-02 10:16 Times Seen3212 Hash 66684709338f7239056ff3302e16bc4a 7dbd501434bdc062cdc8f6744e272a7d39ca5136 5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-03
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-03 05:28 Times Seen23997 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.googletagmanager.com/gtag/js?id=UA-6703115-1	ScriptElement	213 kB	2024-10-11	2024-10-12
Pretty URL www.googletagmanager.com/gtag/js?id=UA-6703115-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 20:46 Last Seen2024-10-12 13:54 Times Seen2 Hash 03ccbde1af9831c2d5ca92ff629b84e5 35d0d2870c4e120874e5f795836e75412a104dd5 4b68d50094dcd0d19f463828add66779b127c356bd99348d9d4609d86ffef368 Loading...

	www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html	ScriptElement	155 B	2023-03-09	2025-05-02
Pretty URL www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-05-02 10:16 Times Seen3296 Hash ba71a86056b5c9ef37b625aade54337e 4769c2a07aa71c342dcb06dfa2950cff7ecae40f 65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0 Loading...

HTTP Transactions (43)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
dcc1f286316666aace43b80e61f7bba2
06578f86171e74992d0322ff98fdc0002eff34ae
502101264adb28935b77c2391a20d927a03e23aa86995b60cd6de2201d77fa25

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "502101264ADB28935B77C2391A20D927A03E23AA86995B60CD6DE2201D77FA25"
Last-Modified: Fri, 11 Oct 2024 03:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12983
Expires: Fri, 11 Oct 2024 22:22:26 GMT
Date: Fri, 11 Oct 2024 18:46:03 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
920bdf0f69fdb6559033f1933948eb54
e9787dd5323db850d1bb672c4c071b1d39a9ebe4
f362a670f4f4ba2d43367dcee06b640aa43afc7045c0a29b0609ca824d7d658a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F362A670F4F4BA2D43367DCEE06B640AA43AFC7045C0A29B0609CA824D7D658A"
Last-Modified: Fri, 11 Oct 2024 09:44:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12399
Expires: Fri, 11 Oct 2024 22:12:42 GMT
Date: Fri, 11 Oct 2024 18:46:03 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
36f66a869b9d38762409dbbe1da64bad
77b699c33a7ddc6a9fee2919b852cf8a4b22da0b
cdf370a2e3b59729aee219dee9744cdf4da205864c66118a79742c08cd438c31

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CDF370A2E3B59729AEE219DEE9744CDF4DA205864C66118A79742C08CD438C31"
Last-Modified: Thu, 10 Oct 2024 21:41:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5608
Expires: Fri, 11 Oct 2024 20:19:32 GMT
Date: Fri, 11 Oct 2024 18:46:04 GMT
Connection: keep-alive

status.rapidssl.com/

192.229.221.95

471 B

URL
status.rapidssl.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
506fbdafa51d47d227244da272f3b1e5
5d4da065f57d6daf5ff94208e66e5791128c6470
f7842a7787207c957a8fa802e39cdbb3d762ea66a0dccbba9045118201935446

HTTP Headers

POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5019
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:04 GMT
Last-Modified: Fri, 11 Oct 2024 17:22:26 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471

upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

57.129.39.102

295 B

URL
upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text
Size
295 B (295 bytes)
Hash
a3c7c3b67e4170571c833563c93d984a
fb8ef2a8a247a8ec5a5a0402d572d471c0704ed2
69a731c1a7ba8763b4a2f0875fb5bb5f63dfc300e35d6bc07ed5b0719b79fc85

HTTP Headers

GET /download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 11 Oct 2024 18:46:04 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ed6e60e33d0aa95a26592786089c9116
53a5ea803e1191edc5630b976fa90601237d258d
98933ab8c57ee731e4f66f10d98ffec955d29f456dde460d0a0a1f91a5a4aa1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "98933AB8C57EE731E4F66F10D98FFEC955D29F456DDE460D0A0A1F91A5A4AA1F"
Last-Modified: Thu, 10 Oct 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10645
Expires: Fri, 11 Oct 2024 21:43:29 GMT
Date: Fri, 11 Oct 2024 18:46:04 GMT
Connection: keep-alive

www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

57.129.39.102

0 B

URL
www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 11 Oct 2024 18:46:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

57.129.39.102

405 B

URL
www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (405), with no line terminators
Size
405 B (405 bytes)
Hash
e5328a1baafd4e2f654d6869e3863f57
530bbb3a73da196ca54a0bcaf41040892ca08741
e31d0348e677cd3d94026fa7041740b9215863162bf8440820311a5204b151be

HTTP Headers

GET /download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Oct 2024 18:46:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 405
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"

www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip

57.129.39.102

405 B

URL
www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (405), with no line terminators
Size
405 B (405 bytes)
Hash
e5328a1baafd4e2f654d6869e3863f57
530bbb3a73da196ca54a0bcaf41040892ca08741
e31d0348e677cd3d94026fa7041740b9215863162bf8440820311a5204b151be

HTTP Headers

GET /download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 11 Oct 2024 18:46:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 405
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"

www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html

57.129.39.102

200 OK

8.3 kB

URL User Request GET HTTP/1.1
www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (4526)
Size
8.3 kB (8314 bytes)
Hash
65bbc9211512c721f0c161dc34c0c6c2
9e0306612ae58658546435cc04934514752135a1
49ea4fce9e078bd33c3960756b11ecd9838a3980fac48c672e8de71c86033f38

HTTP Headers

GET /files/14894859/HDRezkaSimplePlayer_1.8.zip.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/14894859/1df7e0d6596c1f8adb9a/hdrezkasimpleplayer_1.8.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8314
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Content-Encoding: gzip
Set-Cookie: lng=eng; expires=Fri, 08-Nov-2024 18:46:05 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Last-Modified: Fri, 11 Oct 2024 18:46:05 GMT

www.upload.ee/static/ubr__style.css

57.129.39.102

200 OK

2.8 kB

URL GET HTTP/1.1
www.upload.ee/static/ubr__style.css
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (591), with CRLF line terminators
Size
2.8 kB (2841 bytes)
Hash
7b9692d4caecccf38e40d2333f8e00b0
8ecb4f873571250f02a5cc2ceff0a24aed25fc33
c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9

HTTP Headers

GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: text/css
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"66855297-24da"
Expires: Fri, 18 Oct 2024 18:46:05 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip

www.upload.ee/js/js__file_upload.js

57.129.39.102

200 OK

7.7 kB

URL GET HTTP/1.1
www.upload.ee/js/js__file_upload.js
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1853)
Size
7.7 kB (7670 bytes)
Hash
66684709338f7239056ff3302e16bc4a
7dbd501434bdc062cdc8f6744e272a7d39ca5136
5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f

HTTP Headers

GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"66855297-651c"
Expires: Fri, 18 Oct 2024 18:46:05 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip

www.upload.ee/images/arrow.gif

57.129.39.102

200 OK

59 B

URL GET HTTP/1.1
www.upload.ee/images/arrow.gif
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 9
Size
59 B (59 bytes)
Hash
6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411

HTTP Headers

GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-3b"
Expires: Fri, 18 Oct 2024 18:46:05 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

www.upload.ee/images/dl_.png

57.129.39.102

200 OK

1.9 kB

URL GET HTTP/1.1
www.upload.ee/images/dl_.png
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
PNG image data, 154 x 32, 8-bit colormap, non-interlaced
Size
1.9 kB (1900 bytes)
Hash
f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882

HTTP Headers

GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-76c"
Expires: Fri, 18 Oct 2024 18:46:05 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

du0pud0sdlmzf.cloudfront.net/?dupud=997369

143.204.42.159

200 OK

117 kB

URL GET HTTP/2
du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
143.204.42.159:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
117 kB (117404 bytes)
Hash
d95ca3b28ff212a95ec821ae70964080
3024c5bae1e94095ce2d6b5afb088ff6e353a161
ecfd4330540758f053e4cc37407c98542a1d8966ea26d4ff02f9e602797645ba

HTTP Headers

GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 117404
date: Fri, 11 Oct 2024 18:46:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oiZm8V_shynJUJDqwkj88T5hhwi72wnNu4GngtI6K67ziwFI3LVcog==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
31fd8c270501676fd780beb64a73bbd3
496283fe7d9630ef80b46fe861f5077c75629d11
23b964e0ba916ee9e9f4f29257b765259a9e2d590d7aec9c0184763f6f86babc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-6703115-1

142.250.74.168

200 OK

77 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7
ValidityTue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2345)
Size
77 kB (76745 bytes)
Hash
03ccbde1af9831c2d5ca92ff629b84e5
35d0d2870c4e120874e5f795836e75412a104dd5
4b68d50094dcd0d19f463828add66779b127c356bd99348d9d4609d86ffef368

HTTP Headers

GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 11 Oct 2024 18:46:05 GMT
expires: Fri, 11 Oct 2024 18:46:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 76745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
31fd8c270501676fd780beb64a73bbd3
496283fe7d9630ef80b46fe861f5077c75629d11
23b964e0ba916ee9e9f4f29257b765259a9e2d590d7aec9c0184763f6f86babc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

osadooffinegold.com/VEk5QXA1K1osTzV0W2cFJiUEZEISbAsHFCF5STQUZDpdLR0uLxciHDs8XScCOydNbx4xPRxzNi4rCAMADgxaDCAjKnokMid8fRcccXt7Fx0wKGwvRR4AezIyHR9wLzg8B0kGGRUPejgpGC9eNjINGGwrMjMmChQaN3x4K0RiDmoENxoPACkgLH1PC0MNLXEoPgcQfHk5Hi58ciYRAFAAJBocbxY1Gwd4NSo3eVIqNwU6ShQZBQt6OEAyAFFxMR0bXXM4FR8PABpsHX0SAxAEbDknFR9JZEIWHmwHQQx6XhMmDBNyGAkgC10XSGwIeC4JEnpvIyYQcGEbGnkTaiJAJCNycTZlEUAIFgURaDQRAnByJUAOeG5wITMKUwwzF3tzJTY4PWwlHG0ubgciZhpUCyoVIA0lPgVxdRFAJCB1cEEsGG4DIBERSSRWPjpWLwBpLmknCQEAcSMDZHhvOxgc

54.240.174.75

200 OK

1.2 kB

URL GET HTTP/2
osadooffinegold.com/VEk5QXA1K1osTzV0W2cFJiUEZEISbAsHFCF5STQUZDpdLR0uLxciHDs8XScCOydNbx4xPRxzNi4rCAMADgxaDCAjKnokMid8fRcccXt7Fx0wKGwvRR4AezIyHR9wLzg8B0kGGRUPejgpGC9eNjINGGwrMjMmChQaN3x4K0RiDmoENxoPACkgLH1PC0MNLXEoPgcQfHk5Hi58ciYRAFAAJBocbxY1Gwd4NSo3eVIqNwU6ShQZBQt6OEAyAFFxMR0bXXM4FR8PABpsHX0SAxAEbDknFR9JZEIWHmwHQQx6XhMmDBNyGAkgC10XSGwIeC4JEnpvIyYQcGEbGnkTaiJAJCNycTZlEUAIFgURaDQRAnByJUAOeG5wITMKUwwzF3tzJTY4PWwlHG0ubgciZhpUCyoVIA0lPgVxdRFAJCB1cEEsGG4DIBERSSRWPjpWLwBpLmknCQEAcSMDZHhvOxgc
IP
54.240.174.75:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerAmazon
Subjectosadooffinegold.com
Fingerprint37:D5:20:72:EB:7F:F1:D1:FD:82:6B:A2:35:3B:7B:1D:D3:66:D1:91
ValidityMon, 19 Aug 2024 00:00:00 GMT - Wed, 17 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1201 bytes)
Hash
09be25917e18f122e31d7758b88bafd5
a0aff5c90ca8dad3e1327e9ddffc2534c3b1c851
306c311a9afe2304c4a93f01398454cc7676ce2d51b5c3b3e28613dd22126f26

HTTP Headers

GET /VEk5QXA1K1osTzV0W2cFJiUEZEISbAsHFCF5STQUZDpdLR0uLxciHDs8XScCOydNbx4xPRxzNi4rCAMADgxaDCAjKnokMid8fRcccXt7Fx0wKGwvRR4AezIyHR9wLzg8B0kGGRUPejgpGC9eNjINGGwrMjMmChQaN3x4K0RiDmoENxoPACkgLH1PC0MNLXEoPgcQfHk5Hi58ciYRAFAAJBocbxY1Gwd4NSo3eVIqNwU6ShQZBQt6OEAyAFFxMR0bXXM4FR8PABpsHX0SAxAEbDknFR9JZEIWHmwHQQx6XhMmDBNyGAkgC10XSGwIeC4JEnpvIyYQcGEbGnkTaiJAJCNycTZlEUAIFgURaDQRAnByJUAOeG5wITMKUwwzF3tzJTY4PWwlHG0ubgciZhpUCyoVIA0lPgVxdRFAJCB1cEEsGG4DIBERSSRWPjpWLwBpLmknCQEAcSMDZHhvOxgc HTTP/1.1
Host: osadooffinegold.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Fri, 11 Oct 2024 18:46:05 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0wIPC2W8EUACJuMyThvpDRXB7JVmACUpC9B7W782cZVH3Kd8h1DAOg==
X-Firefox-Spdy: h2

mileesidesukbein.com/dkhNaTBZdy4aDS8iFzB/IBoaKGcRCRcvYT4pKlBDIT94HXExeGsdWRJ1dFAHRX50T0AfLHBYFgU8LB1FBXV8T1kYLiJUFgB1fEcDQmZ+Xx5CbjhUAVA8PQhXS3lrGUQCJHBYB0Rwe14CRX54XQRH

172.67.159.114

204 No Content

0 B

URL GET HTTP/2
mileesidesukbein.com/dkhNaTBZdy4aDS8iFzB/IBoaKGcRCRcvYT4pKlBDIT94HXExeGsdWRJ1dFAHRX50T0AfLHBYFgU8LB1FBXV8T1kYLiJUFgB1fEcDQmZ+Xx5CbjhUAVA8PQhXS3lrGUQCJHBYB0Rwe14CRX54XQRH
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectmileesidesukbein.com
FingerprintEF:D9:68:19:8E:C1:07:E9:C5:7D:C7:05:A8:BF:9C:6C:7B:51:9F:FF
ValidityFri, 06 Sep 2024 07:26:02 GMT - Thu, 05 Dec 2024 07:26:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dkhNaTBZdy4aDS8iFzB/IBoaKGcRCRcvYT4pKlBDIT94HXExeGsdWRJ1dFAHRX50T0AfLHBYFgU8LB1FBXV8T1kYLiJUFgB1fEcDQmZ+Xx5CbjhUAVA8PQhXS3lrGUQCJHBYB0Rwe14CRX54XQRH HTTP/1.1
Host: mileesidesukbein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 11 Oct 2024 18:46:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHAk2c9HrGAGyeUuT1vG8tpdFGQe%2B0OcPFKdAXUBZAKdOOo%2BZpqKkIoK7UTsjpwdDYU5TA80B1dAgV7Qfy6IYh53NbtvaLLZPczmoWJVK34eJFqAu%2B5A%2Fad9SZ1lrfhi%2FX9GSrCKaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1102cc7dc756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7
ValidityTue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4201)
Size
102 kB (102211 bytes)
Hash
33f17786fe1adc6587a1c21f7f929c09
2e6fce29823201c65e1cef4e1e8d3b514a44818a
25f2c46e06f28c78bf494ffab25c4625f1c2146473fce8c921c95a3147bbc08d

HTTP Headers

GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 11 Oct 2024 18:46:05 GMT
expires: Fri, 11 Oct 2024 18:46:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 102211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mileesidesukbein.com/aXJudmpGTQ0FVwhAWxc4Wjg0IQcdCD8gJD4QACwuPiQCBgkCN0gCAw1PV09dXUNaUBoAFlNHTBoGDwIfGk9fUAMHFAFLTB9PX1hZXVxdQERdVBtLW08GHhcNVENIBh4dHlNHXVtKWEFYWkRbQlNb

172.67.159.114

204 No Content

0 B

URL GET HTTP/2
mileesidesukbein.com/aXJudmpGTQ0FVwhAWxc4Wjg0IQcdCD8gJD4QACwuPiQCBgkCN0gCAw1PV09dXUNaUBoAFlNHTBoGDwIfGk9fUAMHFAFLTB9PX1hZXVxdQERdVBtLW08GHhcNVENIBh4dHlNHXVtKWEFYWkRbQlNb
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectmileesidesukbein.com
FingerprintEF:D9:68:19:8E:C1:07:E9:C5:7D:C7:05:A8:BF:9C:6C:7B:51:9F:FF
ValidityFri, 06 Sep 2024 07:26:02 GMT - Thu, 05 Dec 2024 07:26:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aXJudmpGTQ0FVwhAWxc4Wjg0IQcdCD8gJD4QACwuPiQCBgkCN0gCAw1PV09dXUNaUBoAFlNHTBoGDwIfGk9fUAMHFAFLTB9PX1hZXVxdQERdVBtLW08GHhcNVENIBh4dHlNHXVtKWEFYWkRbQlNb HTTP/1.1
Host: mileesidesukbein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Fri, 11 Oct 2024 18:46:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3juqj3MYB2s2wxQj2ZuZA0vpI8pVwY8h6mAoAa7uwupk0e3s7VOHJ6%2FHPXQ8B7gTJaRqepyTLlfCsWNu%2FTwHnfK1GQ%2BPsSeKRa1e4IuMOwD93TeQ23hlUl%2BzDwHMtxWZjsUYgZd4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1102ccae4756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mileesidesukbein.com/YjJZVkFNDTolfAB3FwEUNloMNXMsXBgAE1VrNBMPNQEtPyAzCn8iKAYPYG92VgJhcDELVmRneURBLTc1F0FkZ2cLXD85fEREZGdvUhxreHRER2RnZxZCODF8UxQpIjUOD2hhc1oEbmRyVAdtYXI

172.67.159.114

204 No Content

0 B

URL GET HTTP/2
mileesidesukbein.com/YjJZVkFNDTolfAB3FwEUNloMNXMsXBgAE1VrNBMPNQEtPyAzCn8iKAYPYG92VgJhcDELVmRneURBLTc1F0FkZ2cLXD85fEREZGdvUhxreHRER2RnZxZCODF8UxQpIjUOD2hhc1oEbmRyVAdtYXI
IP
172.67.159.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectmileesidesukbein.com
FingerprintEF:D9:68:19:8E:C1:07:E9:C5:7D:C7:05:A8:BF:9C:6C:7B:51:9F:FF
ValidityFri, 06 Sep 2024 07:26:02 GMT - Thu, 05 Dec 2024 07:26:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /YjJZVkFNDTolfAB3FwEUNloMNXMsXBgAE1VrNBMPNQEtPyAzCn8iKAYPYG92VgJhcDELVmRneURBLTc1F0FkZ2cLXD85fEREZGdvUhxreHRER2RnZxZCODF8UxQpIjUOD2hhc1oEbmRyVAdtYXI HTTP/1.1
Host: mileesidesukbein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Fri, 11 Oct 2024 18:46:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnBYJVo2WdYebZ4HTRCCkkgViN8cv4YfudOIB2qdQJ9kTUVCcI1ok4mQnjHib1l6YOTxL1jyatbhByGb5u4EslY2RaTc12Pk%2FRHDjRq%2BGVolZVk2JgauCMppeIJvaovKMhDo2qwa4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1102cc9e1156c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

osadooffinegold.com/U1ZTMDQyNDBdCzJrMRZBITpuFQYVc2F2UCZmI0VQYyU3XFkpMH1TWDwjN1ZGPDgnHlo2InYCciABC3pbMmc8BnwCDx1qZ2M0F3ZuOQ8WZlcEO2YVBhUXO197AxECdnwrLmN8dRoTEXRHag4SAHs1Eh5ydiQDImpwPBELWUcSFDlbex9la3dxNG89UWICExBaZXZkEWQEZxkddEQDAQYAAwMEEWZsYCEncVMwFwlJBDIUJHVFGCEKfXAAHHYCchEhP2d6KQ8acWUwZBx2UDIaBAkHAj1ialU9ExhnYiNzYXZVORQdZ2M8ZxRHbTYfPUh1BBQdWVYqZzZoB2onHnUZYgwyWUcWAgVXVgoTAXdjYBhrYXI0GwNKWwkUYwVbG2YRaWM+JiNhBTs3NQJAEBI0eVsDFAJ4cWBvIX5yFTI3d1gGHgVqRnU8IF9aI2sbXgEiDydhUSY

54.240.174.75

200 OK

1.2 kB

URL GET HTTP/2
osadooffinegold.com/U1ZTMDQyNDBdCzJrMRZBITpuFQYVc2F2UCZmI0VQYyU3XFkpMH1TWDwjN1ZGPDgnHlo2InYCciABC3pbMmc8BnwCDx1qZ2M0F3ZuOQ8WZlcEO2YVBhUXO197AxECdnwrLmN8dRoTEXRHag4SAHs1Eh5ydiQDImpwPBELWUcSFDlbex9la3dxNG89UWICExBaZXZkEWQEZxkddEQDAQYAAwMEEWZsYCEncVMwFwlJBDIUJHVFGCEKfXAAHHYCchEhP2d6KQ8acWUwZBx2UDIaBAkHAj1ialU9ExhnYiNzYXZVORQdZ2M8ZxRHbTYfPUh1BBQdWVYqZzZoB2onHnUZYgwyWUcWAgVXVgoTAXdjYBhrYXI0GwNKWwkUYwVbG2YRaWM+JiNhBTs3NQJAEBI0eVsDFAJ4cWBvIX5yFTI3d1gGHgVqRnU8IF9aI2sbXgEiDydhUSY
IP
54.240.174.75:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerAmazon
Subjectosadooffinegold.com
Fingerprint37:D5:20:72:EB:7F:F1:D1:FD:82:6B:A2:35:3B:7B:1D:D3:66:D1:91
ValidityMon, 19 Aug 2024 00:00:00 GMT - Wed, 17 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3035), with no line terminators
Size
1.2 kB (1190 bytes)
Hash
9533d72b5b2151b056bf4eda23a2a742
ff63a43a5f607bc6ae226d17714740cd390fcf7d
9c4dfb466401b7bd20349a4ddcfa2c5857e26e48e6d288349eff31c77cdae8bc

HTTP Headers

GET /U1ZTMDQyNDBdCzJrMRZBITpuFQYVc2F2UCZmI0VQYyU3XFkpMH1TWDwjN1ZGPDgnHlo2InYCciABC3pbMmc8BnwCDx1qZ2M0F3ZuOQ8WZlcEO2YVBhUXO197AxECdnwrLmN8dRoTEXRHag4SAHs1Eh5ydiQDImpwPBELWUcSFDlbex9la3dxNG89UWICExBaZXZkEWQEZxkddEQDAQYAAwMEEWZsYCEncVMwFwlJBDIUJHVFGCEKfXAAHHYCchEhP2d6KQ8acWUwZBx2UDIaBAkHAj1ialU9ExhnYiNzYXZVORQdZ2M8ZxRHbTYfPUh1BBQdWVYqZzZoB2onHnUZYgwyWUcWAgVXVgoTAXdjYBhrYXI0GwNKWwkUYwVbG2YRaWM+JiNhBTs3NQJAEBI0eVsDFAJ4cWBvIX5yFTI3d1gGHgVqRnU8IF9aI2sbXgEiDydhUSY HTTP/1.1
Host: osadooffinegold.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1190
date: Fri, 11 Oct 2024 18:46:05 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3_2S6nwqfLlGhSOcA9dPNMzcoCCFw-ZrVWcS-uhWHOYPRM9a98L21Q==
X-Firefox-Spdy: h2

www.upload.ee/favicon.ico

57.129.39.102

200 OK

1.2 kB

URL GET HTTP/1.1
www.upload.ee/favicon.ico
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Cookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1728672365.1.0.1728672365.0.0.0; _ga=GA1.1.751482643.1728672366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Oct 2024 18:46:05 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-47e"
Expires: Fri, 18 Oct 2024 18:46:05 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

du0pud0sdlmzf.cloudfront.net/zb1BpZEcMPwcCeBs5DVl+VmdaUn5JIBsBIVInHhNpGiAFCyYLfgwBYQUjBgo3Ujc5Aj46GSEGNF9hPx4vJ3YdHiNSYE8IJgE3VEIiATNUVWEONAtZc0kkGQssUiQBCy0fIh0AIRd2HAV6Aj8TDSsDMUxWAVp+WUF1X3gRVXZKYytBdV88AAoyF3VbVD9XZj-ZSc0pjK0F1XyIfQXQuaV9Kd0Z1W1QgCjMCC2JdFltUdl9gWFR2SmJZAi4dNQ8LP0piL11xQWBPEXpe

143.204.42.159

616 B

URL
du0pud0sdlmzf.cloudfront.net/zb1BpZEcMPwcCeBs5DVl+VmdaUn5JIBsBIVInHhNpGiAFCyYLfgwBYQUjBgo3Ujc5Aj46GSEGNF9hPx4vJ3YdHiNSYE8IJgE3VEIiATNUVWEONAtZc0kkGQssUiQBCy0fIh0AIRd2HAV6Aj8TDSsDMUxWAVp+WUF1X3gRVXZKYytBdV88AAoyF3VbVD9XZj-ZSc0pjK0F1XyIfQXQuaV9Kd0Z1W1QgCjMCC2JdFltUdl9gWFR2SmJZAi4dNQ8LP0piL11xQWBPEXpe
IP
143.204.42.159:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (887), with no line terminators
Size
616 B (616 bytes)
Hash
7e06bead194a0d0d065eb4c82e20ba7b
4ef2f6d7c30ff89cfa831faf11609bff473a32e2
a55eb5d3476ce864096961b4f50a92c3376acd183f4b800cd23671b66b6859e9

HTTP Headers

GET /zb1BpZEcMPwcCeBs5DVl+VmdaUn5JIBsBIVInHhNpGiAFCyYLfgwBYQUjBgo3Ujc5Aj46GSEGNF9hPx4vJ3YdHiNSYE8IJgE3VEIiATNUVWEONAtZc0kkGQssUiQBCy0fIh0AIRd2HAV6Aj8TDSsDMUxWAVp+WUF1X3gRVXZKYytBdV88AAoyF3VbVD9XZj-ZSc0pjK0F1XyIfQXQuaV9Kd0Z1W1QgCjMCC2JdFltUdl9gWFR2SmJZAi4dNQ8LP0piL11xQWBPEXpe HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://osadooffinegold.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 616
date: Fri, 11 Oct 2024 18:46:05 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VF3iTIaLFCjG35Y7uQywunRXQz2ymquloMkq-F74McnC86GLUsXimA==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2fa550788de07b8d47848a15e240cd9c
af163179e45e0a9481901a52ab1ffd14ffd6d65b
9122822273e75aa7d8dc54e1b2144d7162c2af721127e02ddf175f6ddab1466f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

du0pud0sdlmzf.cloudfront.net/sWXJoa1o6HQYNZS0bDFZjYEVcWm5/AhoOPGQFHxx0LAIEBDs9XA0OfDMBBwUqZDoGXisABjkOL38GEg9naVQECjQ+T04ONDpPWU07PRBVX3wtAgcAZy0aBwEqKwYMDSJ/BwlWNzYIAQc2OFdaLW93Qk1ZanEKWVp/ajBNWWo1GwYeInxAWBNiby1eX39qME-1ZaisETVgbYERGW3N8QFgMPzoZB05oH0BYWmppQ1haf2tCDgIoPBQHE39rNFFddGlUHVZr

143.204.42.159

572 B

URL
du0pud0sdlmzf.cloudfront.net/sWXJoa1o6HQYNZS0bDFZjYEVcWm5/AhoOPGQFHxx0LAIEBDs9XA0OfDMBBwUqZDoGXisABjkOL38GEg9naVQECjQ+T04ONDpPWU07PRBVX3wtAgcAZy0aBwEqKwYMDSJ/BwlWNzYIAQc2OFdaLW93Qk1ZanEKWVp/ajBNWWo1GwYeInxAWBNiby1eX39qME-1ZaisETVgbYERGW3N8QFgMPzoZB05oH0BYWmppQ1haf2tCDgIoPBQHE39rNFFddGlUHVZr
IP
143.204.42.159:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (809), with no line terminators
Size
572 B (572 bytes)
Hash
c2e898b66a53e37caa0b62bad563160d
bbfa94f4ab532c581b4ed762b7d487a8375079cd
253dbd298520704d7ba1388e602777d1f9b3d701a1c1bc3e3f1645b33158fbfa

HTTP Headers

GET /sWXJoa1o6HQYNZS0bDFZjYEVcWm5/AhoOPGQFHxx0LAIEBDs9XA0OfDMBBwUqZDoGXisABjkOL38GEg9naVQECjQ+T04ONDpPWU07PRBVX3wtAgcAZy0aBwEqKwYMDSJ/BwlWNzYIAQc2OFdaLW93Qk1ZanEKWVp/ajBNWWo1GwYeInxAWBNiby1eX39qME-1ZaisETVgbYERGW3N8QFgMPzoZB05oH0BYWmppQ1haf2tCDgIoPBQHE39rNFFddGlUHVZr HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://osadooffinegold.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 572
date: Fri, 11 Oct 2024 18:46:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _aI8pvcJMhtbaYpt0o_6wFDQ0tRFmt2wzf73wRz7FTxt_MHvtUx3Rw==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2fa550788de07b8d47848a15e240cd9c
af163179e45e0a9481901a52ab1ffd14ffd6d65b
9122822273e75aa7d8dc54e1b2144d7162c2af721127e02ddf175f6ddab1466f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.162.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:oerTJHy4A9A8kBJDOQ5wfj48dP1Qug:8xTzF5rcWTxAKEza; Expires=Sun, 11-Oct-2026 18:46:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqc3In7v9JwpKZ47qKtcMXQIPtAdSPna9wkzpr2d5yEbbsFv9KekQJNAzgIh7FQGbLJG5WMx
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-8bzoFI7hx2JTtjlT4aGDvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.162.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Eic7RcfJ4_2CM8r08npuBauz-7QjGw:Uzzqqt0T3o2FGrKA; Expires=Sun, 11-Oct-2026 18:46:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfYAmVtG5Pj9UwctVxWCXvPsjYAuy0O92ys2eOQj567ziRVAYgSG7OSqW9RrdYv-jL7cTp6
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-MTtO1ncAGvkFNzfzM3Gf5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqc3In7v9JwpKZ47qKtcMXQIPtAdSPna9wkzpr2d5yEbbsFv9KekQJNAzgIh7FQGbLJG5WMx

64.233.162.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqc3In7v9JwpKZ47qKtcMXQIPtAdSPna9wkzpr2d5yEbbsFv9KekQJNAzgIh7FQGbLJG5WMx
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type
HTML document, ASCII text, with very long lines (389)
Size
419 B (419 bytes)
Hash
791c1c9cdd95bcfec27e8ba0406c22fd
d22c8dd2a8b60e14213c87e230486a135f07484b
6c30e0d7cf6acd0ea0f56e4471a2c27d7ed4db21072ade75c53f36da0f997ca9

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqc3In7v9JwpKZ47qKtcMXQIPtAdSPna9wkzpr2d5yEbbsFv9KekQJNAzgIh7FQGbLJG5WMx HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:9LezpqNRU288Vbj6Y5-zi99PLQSSSg:ZPZ5FTZ2T-VBpzAS;Path=/;Expires=Sun, 11-Oct-2026 18:46:06 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqeL-IqYK9xNDqNcIM6RI12WvYGlCmRqEM_hzL3cA_0FWIqGaaBZL19g-3CVNAcWouGy5lN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1189158168%3A1728672366122475&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-Em536rEkh711fU3Hv3pKmg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfYAmVtG5Pj9UwctVxWCXvPsjYAuy0O92ys2eOQj567ziRVAYgSG7OSqW9RrdYv-jL7cTp6

64.233.162.84

302 Found

419 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfYAmVtG5Pj9UwctVxWCXvPsjYAuy0O92ys2eOQj567ziRVAYgSG7OSqW9RrdYv-jL7cTp6
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type
HTML document, ASCII text, with very long lines (391)
Size
419 B (419 bytes)
Hash
4644f67e9927e15280c3dcfede2d35b6
16d065c3c29fb7735e1f27a7f5bd49e38524d4b3
0bae19d1681de38ac2bd036a00f02484d937fbd430163bbd313750648ec108d7

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqfYAmVtG5Pj9UwctVxWCXvPsjYAuy0O92ys2eOQj567ziRVAYgSG7OSqW9RrdYv-jL7cTp6 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ekMcosi_ba4Tu_1FbiKc5Q3wAjmDHA:y63_LbMzzf6EjO6-;Path=/;Expires=Sun, 11-Oct-2026 18:46:06 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfxI4vMVY5GnAmrTgWPPiE533OYopRNlydY-EwONdtIVaz56qID4MD5zJX9tlaO0VmiC524&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S134761441%3A1728672366130190&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-4ZTXddkib6MAOlDDl2cACw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mileesidesukbein.com/popunder.gif

172.67.159.114

58 B

URL GET
mileesidesukbein.com/popunder.gif
IP
172.67.159.114:0
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectmileesidesukbein.com
FingerprintEF:D9:68:19:8E:C1:07:E9:C5:7D:C7:05:A8:BF:9C:6C:7B:51:9F:FF
ValidityFri, 06 Sep 2024 07:26:02 GMT - Thu, 05 Dec 2024 07:26:01 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: mileesidesukbein.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 11 Oct 2024 18:46:06 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 47839
last-modified: Fri, 11 Oct 2024 05:28:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQdLOWI3xK9KqN7%2BcyyKqAS1MZL9PQLYUwkgVtowSabRIPLyuhZR6l8kGiGwiAQ6jfiOAQgxulJ%2B8cN62YryFwCW6jhOoS6TSk2MnWBKXdnt7i6ie%2FVIy%2BfKHsgz%2BAw02g%2B%2Bzi%2B4Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1102d08d0b56b9-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23da434d693b76e2277e10a4d7041ff0
a7266e44ec667b34e158487a4d1d2b8a78a34128
dfc9a00b5bb8f0857edce80fa7b0d17e1acf9ed46c8ad5919a8a98b5d06c963f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Oct 2024 18:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12952
Expires: Fri, 11 Oct 2024 22:21:58 GMT
Date: Fri, 11 Oct 2024 18:46:06 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12952
Expires: Fri, 11 Oct 2024 22:21:58 GMT
Date: Fri, 11 Oct 2024 18:46:06 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
af0d1cea6aa0671f0271828695f79be4
ae58030b5e611aa6a2a4b608a18e49f7f4cbe9c3
33e0e5962e66d1ce7c82595b0bca02808bbddc350a471425a2046aeb2a4e9260

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "33E0E5962E66D1CE7C82595B0BCA02808BBDDC350A471425A2046AEB2A4E9260"
Last-Modified: Thu, 10 Oct 2024 21:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12952
Expires: Fri, 11 Oct 2024 22:21:58 GMT
Date: Fri, 11 Oct 2024 18:46:06 GMT
Connection: keep-alive

ukankingwithea.com/

172.67.192.190

200 OK

12 kB

URL GET HTTP/2
ukankingwithea.com/
IP
172.67.192.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
ASCII text, with no line terminators
Size
12 kB (11471 bytes)
Hash
e77be0d064c4e49e2252d7ca4f761e70
95fb66864fbe2a36417986246711968f6898b7e0
55d5e6d80ea77b1c99e4ebec6b33a0767049b1afba980d42760017a849bb5fd7

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Oct 2024 18:46:06 GMT
content-type: text/plain
set-cookie: csu=1129699026088829@1@1728672366; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaPsmf5VdPRtJNwGYxNtYiuy%2FInihoUc4jBmrxnqqa3hbmfHwYhoamintKt9s24WMT0Zg10c6Cv4068r%2FKFGiZ%2FcmNKp939xsD0O5RParwWShr1yWWRmPCHhV0pbGwgNVT5uArI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1102cf9c02569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

172.67.192.190

200 OK

109 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
172.67.192.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
data
Size
109 kB (108571 bytes)
Hash
061183afff1be72dbc8660deca3d4bd8
44d3d58085f1daa42330f89008326a1931e6f131
ff314b609ad9def992301bb3683837b3fbd1bd0d3b6f2649c56b8a2e8c49def7

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Oct 2024 18:46:06 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1126
last-modified: Fri, 11 Oct 2024 18:27:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0NkLQHrl%2FIY9ABZ8VDTG%2FAFMRjS4nxI6oWUf5SHhcgoNVYJFRl51BJ4LpkYvc%2BcCYR38ZgNZ7amXVA3r%2BTjO97pYSKRUp8U4xnjk59C4pnB8ckiddCdJDYcLwZCBpa6eGRjVD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1102cf9bfe569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqeL-IqYK9xNDqNcIM6RI12WvYGlCmRqEM_hzL3cA_0FWIqGaaBZL19g-3CVNAcWouGy5lN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1189158168%3A1728672366122475&ddm=0

64.233.162.84

403 Forbidden

0 B

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqeL-IqYK9xNDqNcIM6RI12WvYGlCmRqEM_hzL3cA_0FWIqGaaBZL19g-3CVNAcWouGy5lN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1189158168%3A1728672366122475&ddm=0
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqeL-IqYK9xNDqNcIM6RI12WvYGlCmRqEM_hzL3cA_0FWIqGaaBZL19g-3CVNAcWouGy5lN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1189158168%3A1728672366122475&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-AlEqwtxCl_M_uWtUfv1ECQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.KYvE2Q9CLYc.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

undefined/VGZ5RE41BBopcTVbG2I7JgpEYXwSQ0sCKiFWCTEqZBUdKCMuAFcnIjsTHSI8OwgNaiAxElx2CDA8SgF8GSMKAQY4Di4gDBk/LCN/LT4SHQ0VLjcGDwE0LwgYOyEoESo4Ix4CLwwfFgAWZSgvJh9kJS4SemMxHgYqDh8JFQERLBwGHB1UPAEfLCdJMwkSDxoDBmUjNyYfHQAvFX9iNysGHQEIIxAYZCgrICk7Ay0CJTolAQUaFQFIFxYjPy8hGDA8LSMIYjcSDn4SPhUcBgJfHBQmbTM7BQ8uPkkgPhYIQAcfOjcvIRg3IigGGGAsEiMPHAgNCxgVSygFAhUvKhwYbRMvEC0RJzE0FgU3GgUrPyw9BiINDz8WHAU+AwoNBVU4DigBCjsBCwJULyNoPhUWKj5pFxITL2MvDSoAISE

0.0.0.0

0 B

URL GET
undefined/VGZ5RE41BBopcTVbG2I7JgpEYXwSQ0sCKiFWCTEqZBUdKCMuAFcnIjsTHSI8OwgNaiAxElx2CDA8SgF8GSMKAQY4Di4gDBk/LCN/LT4SHQ0VLjcGDwE0LwgYOyEoESo4Ix4CLwwfFgAWZSgvJh9kJS4SemMxHgYqDh8JFQERLBwGHB1UPAEfLCdJMwkSDxoDBmUjNyYfHQAvFX9iNysGHQEIIxAYZCgrICk7Ay0CJTolAQUaFQFIFxYjPy8hGDA8LSMIYjcSDn4SPhUcBgJfHBQmbTM7BQ8uPkkgPhYIQAcfOjcvIRg3IigGGGAsEiMPHAgNCxgVSygFAhUvKhwYbRMvEC0RJzE0FgU3GgUrPyw9BiINDz8WHAU+AwoNBVU4DigBCjsBCwJULyNoPhUWKj5pFxITL2MvDSoAISE
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /VGZ5RE41BBopcTVbG2I7JgpEYXwSQ0sCKiFWCTEqZBUdKCMuAFcnIjsTHSI8OwgNaiAxElx2CDA8SgF8GSMKAQY4Di4gDBk/LCN/LT4SHQ0VLjcGDwE0LwgYOyEoESo4Ix4CLwwfFgAWZSgvJh9kJS4SemMxHgYqDh8JFQERLBwGHB1UPAEfLCdJMwkSDxoDBmUjNyYfHQAvFX9iNysGHQEIIxAYZCgrICk7Ay0CJTolAQUaFQFIFxYjPy8hGDA8LSMIYjcSDn4SPhUcBgJfHBQmbTM7BQ8uPkkgPhYIQAcfOjcvIRg3IigGGGAsEiMPHAgNCxgVSygFAhUvKhwYbRMvEC0RJzE0FgU3GgUrPyw9BiINDz8WHAU+AwoNBVU4DigBCjsBCwJULyNoPhUWKj5pFxITL2MvDSoAISE HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfxI4vMVY5GnAmrTgWPPiE533OYopRNlydY-EwONdtIVaz56qID4MD5zJX9tlaO0VmiC524&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S134761441%3A1728672366130190&ddm=0

64.233.162.84

403 Forbidden

0 B

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfxI4vMVY5GnAmrTgWPPiE533OYopRNlydY-EwONdtIVaz56qID4MD5zJX9tlaO0VmiC524&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S134761441%3A1728672366130190&ddm=0
IP
64.233.162.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/14894859/HDRezkaSimplePlayer_1.8.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint55:0A:1F:08:12:95:DF:01:4A:56:6B:7B:DB:9A:AB:07:D4:88:FF:B4
ValidityTue, 24 Sep 2024 03:18:37 GMT - Tue, 17 Dec 2024 03:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfxI4vMVY5GnAmrTgWPPiE533OYopRNlydY-EwONdtIVaz56qID4MD5zJX9tlaO0VmiC524&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S134761441%3A1728672366130190&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Oct 2024 18:46:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-kix_2XGUzodiVXS-S_jGuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.KYvE2Q9CLYc.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by